WNF Code Execution Library Using C#
☆110May 18, 2020Updated 5 years ago
Alternatives and similar repositories for wnfexec
Users that are interested in wnfexec are comparing it to the libraries listed below
Sorting:
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Nov 21, 2022Updated 3 years ago
- Some of my custom "tools".☆28Feb 21, 2022Updated 4 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator☆520Feb 1, 2024Updated 2 years ago
- ☆246Dec 16, 2022Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Dec 23, 2022Updated 3 years ago
- ☆48Feb 11, 2023Updated 3 years ago
- ☆166Nov 6, 2022Updated 3 years ago
- ☆207Feb 24, 2022Updated 4 years ago
- Tools and PoCs for Windows syscall investigation.☆367Dec 2, 2025Updated 3 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆384Apr 16, 2022Updated 3 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆111Apr 14, 2023Updated 2 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆124Apr 9, 2022Updated 3 years ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- Infect Shared Files In Memory for Lateral Movement☆192Dec 14, 2022Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆430Jul 22, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago
- ☆72Aug 2, 2022Updated 3 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆282Feb 24, 2025Updated last year
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago
- ☆52Apr 1, 2022Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- Bypass Malware Time Delays☆107Sep 23, 2022Updated 3 years ago
- Patch AMSI and ETW☆250May 8, 2024Updated last year
- ☆121Dec 23, 2022Updated 3 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆162Mar 1, 2024Updated 2 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- Coerce Windows machines auth via MS-EVEN☆174Jan 17, 2024Updated 2 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆363Dec 19, 2022Updated 3 years ago